Patients whose personal and medical data were exposed in a 2023 hacking incident at the Chattanooga Heart Institute, which operates under the Memorial Heart Institute name, face a fast-approaching deadline to file claims from a $3.75 million settlement. The filing window closes on July 13, and anyone who received a breach notice last year but has not yet submitted a claim risks forfeiting their share of the fund. The breach affected approximately 411,300 individuals, according to state attorney general records, and the settlement resolves a lawsuit tied directly to that incident.
Why the July 13 deadline carries real financial weight
Settlement funds in data-breach cases that go unclaimed often revert to the defendant organization rather than reaching the people whose information was compromised. That structure puts pressure on affected patients to act before the cutoff. Anyone who received a mailed notice with a unique claim number from the settlement administrator can use that number to file online or by mail.
Two separate rounds of consumer notifications went out after the breach. The first wave was sent on July 28, 2023, and a second followed on October 6, 2023, according to the Maine filing. That split timeline raises a practical question: patients who received the later October notice had a shorter window between learning about the breach and the claim deadline, which could depress their filing rates relative to those notified in July. Differences in follow-up outreach between the two waves, if any, would widen that gap further. No public data on claim-submission rates by notification cohort has been released.
For patients weighing whether to file, the settlement typically allows reimbursement for out-of-pocket expenses related to the breach, such as costs associated with credit monitoring, identity-theft services, or time spent resolving fraudulent activity. Exact categories and caps, however, are not detailed in the records reviewed for this article. That lack of clarity can make it harder for individuals to estimate what they might recover, but consumer advocates generally advise filing if there is any chance of qualifying for compensation.
Breach timeline and the $3.75 million settlement record
The hacking incident began on March 8, 2023, and went undetected until May 31, 2023, a gap of nearly three months. The Maine Attorney General’s record classifies it as an external system breach caused by hacking. The Chattanooga Heart Institute, listed as the reporting entity, disclosed that 411,300 individuals were affected, a figure consistent with the scale of a regional cardiology practice serving patients across multiple states. The breach involved sensitive personal and medical information, although the precise data fields compromised are not fully itemized in the publicly accessible summary…